Browse Source

Escape provider name in oauth2 provider redirect (#12648)

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
for-closed-social
zeripath 4 years ago
committed by GitHub
parent
commit
58f57b3b6c
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
  1. +2
    -1
      modules/auth/oauth2/oauth2.go

+ 2
- 1
modules/auth/oauth2/oauth2.go View File

@ -6,6 +6,7 @@ package oauth2
import ( import (
"net/http" "net/http"
"net/url"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
@ -119,7 +120,7 @@ func RemoveProvider(providerName string) {
// used to create different types of goth providers // used to create different types of goth providers
func createProvider(providerName, providerType, clientID, clientSecret, openIDConnectAutoDiscoveryURL string, customURLMapping *CustomURLMapping) (goth.Provider, error) { func createProvider(providerName, providerType, clientID, clientSecret, openIDConnectAutoDiscoveryURL string, customURLMapping *CustomURLMapping) (goth.Provider, error) {
callbackURL := setting.AppURL + "user/oauth2/" + providerName + "/callback"
callbackURL := setting.AppURL + "user/oauth2/" + url.PathEscape(providerName) + "/callback"
var provider goth.Provider var provider goth.Provider
var err error var err error

Loading…
Cancel
Save